Cybersecurity Analyst

About FedSync

Since our inception, FedSync has stood for Accountability, Integrity, Teaming, Value, Innovation, and Quality-the core values that define who we are. Our vision is to collaborate with innovative, forward-thinking leaders to deliver solutions that look beyond today. Our mission is to provide the federal government with proven, innovative solutions that transform organizations by equipping them with the right tools and people to meet tomorrow's challenges. At FedSync, our people matter-both our employees and our clients.

Position Overview

The Cybersecurity Analyst proactively monitors, detects, and responds to security threats across networks, systems, and cloud environments to ensure the protection of sensitive DOE data and maintain enterprise resilience. This role drives risk reduction by analyzing incidents, implementing controls, and collaborating with cross-functional teams to strengthen the organization's security posture. Five (5) Cybersecurity Analysts are required for this engagement. Work will be a hybrid schedule withe 3 days in the office and 2 days of telework.

Key Responsibilities

• Perform threat triage, incident investigation, and risk analysis to protect the confidentiality, integrity, and availability of DOE systems, applications, and data assets.
• Analyze security alerts and events to identify indicators of compromise (IOCs), attack patterns, and emerging threats across on-premises, cloud, and hybrid environments.
• Correlate security data from disparate sources to develop a unified view of organizational cyber risk, enabling informed decision-making and prioritization.
• Identify vulnerabilities, misconfigurations, and protection gaps across infrastructure, cloud platforms, and data-centric environments; validate findings and assess potential business impact.
• Monitor, analyze, and detect cybersecurity threats across multiple security domains including Security Operations (SOC), Cloud Security, Infrastructure Security, Information Protection, and Data Protection.
• Monitor security alerts through the SIEM platform and execute immediate triage and incident response protocols.
• Conduct proactive threat hunting to identify hidden threats and adversary behavior.
• Implement, tune, and manage DLP controls across endpoints, email, and cloud collaboration platforms.
• Ensure alignment with federal and regulatory security standards (NIST, FISMA) and internal cybersecurity policies.
• Contribute to continuous improvement of security operations by documenting findings, trends, and lessons learned from incidents and risk assessments.

Minimum Qualifications

• 5+ years of experience in cybersecurity analysis, security operations, or a related field.
• Demonstrated experience performing threat triage, incident response, and risk analysis.
• Proficiency with SIEM platforms, vulnerability scanners, and cloud security tools.
• Working knowledge of NIST and FISMA compliance frameworks.
• Experience supporting security in large enterprise or public-sector environments preferred.

Required Certifications (one or more)

• CISSP, CompTIA Security+, CompTIA CySA+
• CEH (Certified Ethical Hacker)
• GCIA, GCIH, CISA, or CCSP

Technologies/Tools

• SIEM: Devo / Splunk
• Vulnerability Scanners: Rapid7 / Armis
• Cloud Platforms: AWS / Azure
• Wireshark, SQL, Python, MS Power BI, Microsoft Office Suite